Command Execution Vulnerability in Nokia Affix Bluetooth Daemon
CVE-2005-2716

Currently unrated

Key Information:

Vendor: Nokia
Status: Affix
Vendor: CVE Published:; 29 August 2005

What is CVE-2005-2716?

The btsrv daemon in Nokia Affix versions 2.1.2 and 3.2.0 is susceptible to a command execution vulnerability. This flaw allows remote attackers to execute arbitrary commands by injecting shell metacharacters into a Bluetooth device name. Exploiting this vulnerability might let an attacker gain unauthorized control over the affected device, potentially compromising sensitive data and user privacy.

References

http://www.debian.org/security/2005/dsa-796

vendor-advisoryx_refsource_DEBIAN

http://affix.sourceforge.net/patch_btsrv_affix_3_2_0

x_refsource_CONFIRM

http://www.securityfocus.com/bid/14672

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2005
Vulnerability Reserved
Aug 29, 2005